Is Spaghetti Code Secure?

Why does Legacy code have spaghetti in it? In the continuing evaluation of TE SW I have come across a function that I will call getValue(). It is a single source for over a hundred variables. I believe its purpose is to return a value based on the name passed to it. There are no comments to indicate why what is there is there. No guidance to how it is intended to be used. Then as one tries to examine the flow, one finds it is a complex recursive function! Recursion can be fun, but not when one is debugging.

Oh that reminds me, debugging Classic ASP code still does not work on my 64bit beast and under VS 2008 SP1.

So I wrote “ShowLog.asp” which just displays the Application level string variable gicLogStr. To which a gicLog is written as a tracing tool. It still does not help explain the logic of the design, but at least I can follow its path and determine how it is getting to where it is at when it stops.

Even though the TE website is secured with a login name and password, it does NOT use SSL. That is always an HTTP vs. HTTPS (or secure) site. The list of things needing to be changed grows longer.